Explain the main traffic measurement and analysis methodologies, and relevant metrics from the perspective of network infrastructure performance and security.
Know the architectures for analyzing and controlling traffic in different types of networks.
Explain the models and protocols underlying traffic anonymization.
Apply data dimensionality reduction techniques.
Apply traffic capture and analysis methodologies across the protocol stack.
Apply traffic detection and classification techniques.
Test the operational security of networks using protection and intrusion detection systems.
Program
Measurement methodologies, main performance and security metrics.
Methodologies for traffic capture. Dimensionality reduction techniques.
Centralized and distributed architectures for traffic analysis and control.
Traffic analysis: traffic inspection levels, statistical analysis of traffic flows.
Assessment of the network profile using supporting tools for traffic detection, capture and analysis.
Intelligent traffic detection and classification strategies.
Traffic anonymization: models, protocols, characterization and detection of anonymized traffic.
Network operational security: intrusion detection and protection in communications networks. Generation of network IOCs.
Challenges and research opportunities.
Bibliography
C. Sanders. Applied Network Security Monitoring: Collection, Detection, and Analysis. Syngress, 2014.
R. Bejtlich. The Practice of Network Security Monitoring: Understanding Incident Detection and Response. No Starch Press, 2013.
M. Collins. Network Security Through Data Analysis: From Data to Action. 2nd Edition, O’Reilly, 2017.
Z. Tari, A. Fahad, A. Almalawi, X. Yi. Network Classification for Traffic Management: Anomaly detection, feature selection, clustering and classification. IET, 2020.